More than half of cybersecurity leaders in the Middle East cite lack of funding as the top challenge in doing their jobs.
According to new research by Deloittearound 51% of respondents cited a lack of funding, compared to 36% of global security leaders.
That said, according to Gartner, cybersecurity spending in the Middle East and Africa will reach $238 billion in 2024, a huge increase compared to a projected $2.6 billion in 2022 – in light of increased attacks against targets in the regions.
Guy Rosenthal, vice president of product at DoControl, says this is evidence of the attention and concern about cybersecurity in markets like the Middle East.
“It is also very common in markets like Europe and East Asia for organizations to prioritize cybersecurity only after they reach a certain size,” he says. “Now that organizations in the Middle East are attracting the attention of threat actors, they need to up their game and therefore their spending on cybersecurity.”
It’s easier to start over
Spending on cybersecurity varies from organization to organization, Rosenthal says, but starting a cybersecurity program today is easier and without the technical debt of long-standing IT programs.
“[These security leaders] they are free to explore and embrace new innovations like enterprise browsers to solve multiple problems like secure web gateway, zero trustetc. instead of embracing complex – and sometimes expensive – solutions edge of the secure access service implementations,” he says. “There are pros and cons to starting over, and the benefits, such as the ability to nimbly embrace innovation, are often overlooked.”
Jose Seara, CEO and founder of DeNexus, says adopting automation and AI-based tools can be easier and faster to implement, as well as more effective at detecting new generations of cyber threats.
“With evidence-based data showing where their businesses and infrastructure are most vulnerable, what types of cyber attacks have the highest likelihood, and what the potential payoff is for risk mitigation strategies, [organizations] they can optimize their cybersecurity budget to address the most acute cybersecurity weaknesses,” says Seara.
Computer training is essential
Nearly 70% of respondents in the Deloitte report say training and certification programs are key to engaging, retaining and developing cybersecurity talent.
Tariq Ajmal, cyber leader at Deloitte Middle East, says training and certification programs are available in the Middle East, especially given the importance of the English language in the region’s business ecosystem, particularly in the field of cybersecurity.
“Organizations across the region need to ensure their employees have the opportunity to upskill and evolve to keep up with an ever-changing landscape,” says Ajmal. “This demonstrates the importance of raising awareness among organizations of the need for real investment in this space as cyber continues to penetrate further into every sector and industry.”